Phishing caign targets developers of Chrome extensions

The Google Chrome extension developer was the target of the large-scale phishing campaign last week, ZDNet Have learned.

The campaign tried to tempt developers to access phishing sites that developers were trying to obtain login credentials for the Google developer account.

The reason for acquiring this identity is that a malicious actor may log in to the Chrome Web Store's dashboard and send a malicious version of the legitimate Chrome extension.

In addition: Telegram fixes leakage of IP address of desktop client

Such a large-scale phishing campaign was held before the summer of 2017.

Last year, developers of several Chrome extensions became victims and their extensions were taken over by fraudsters. These extensions have been modified to insert ads into legitimate traffic.

Extended functions such as Web Developer, Chrometana, Infinity New Tab, CopyFish, Web Paint, Social Fixer, Touch VPN, Betternet VPN, etc. have been fixed in the same way even after phishing by developers.

CNET: Google's $ 50 Titan Security Key Set can be purchased now

Some Chrome extension developers have confirmed that a new phishing scam is occurring again like last year ZDNet.

In this last round of spam fraudster sent an e-mail using Kevin Murphy's identity (dev-support @ webstoredevsupport[.]com), Google employee of the Chrome Web Store team.

Copy of received e-mail extension developer. ZDNet Andrey Meshkov of AdGuard and Harry Denley of EtherSecurityLookup are integrated below.

Fraudsters are afraid of extension developers to quote the new Google policy and fill out Google Form with a valid address or suspend accounts.

Like most phishing scams, it was an unpleasant effort. The Google Form link was not sent on Google Form, but it was redirected via the usgbc.org domain. This means that developers of careful extension functions were able to detect the authenticity of the mail by hovering over the link. The format of this link is as follows.

https: //[extension_ID].usgbc.org / forms /? ext_id =[extension_ID]; authuser =[email]

Last week's campaign, Chrome extension developers visited their profile page. Chrome Web Store support[.]I asked to log in to my Google Account

chrome-ext-dev-login.png

Redirected user redirected to … to a full pixel clone on the Google Account login page https: //login.chromewebstoresupport[.]com

height = quot; auto quot; width = quot; 470 quot; data-original = quot; https://zdnet3.cbsistatic.com/hub/i/r/2018 / 09/30/3 cc 985 e 3 - b 8 ce - 41 f 4 - 9 fb 3 - 6 cc 7 dba 108 d 7 / resize / 470 xauto / 802 b 5 abf 89 d 63 f 150 ccd 636868 728 c 408 / chrome - ext - dev - phishing - site.png quota; / gt; lt; / spangt; lt; noscriptgt; =chrome-ext-dev-phishing-site.png

This is a very bad attempt …

Hope you like the news Phishing caign targets developers of Chrome extensions. Stay Tuned For More Updates 🙂

Compsmag